Overview

File _patchinfo of Package patchinfo.4836

<patchinfo incident="4836">
  <issue id="1039361" tracker="bnc">EMU: VUL-0: EMBARGOED: CVE-2017-1000367: sudo: Qualys new root/setuid privilege escalation method 05-2017</issue>
  <issue id="1024145" tracker="bnc">Sudoers fqdn not working as expected in SLES12SP2 compared to SLES11SP4</issue>
  <issue id="981124" tracker="bnc">sudo krb5_ccname does not work</issue>
  <issue id="1039361" tracker="bnc">EMU: VUL-0: EMBARGOED: CVE-2017-1000367: sudo: path traversal race conditions</issue>
  <issue id="1015351" tracker="bnc">sudo is not able to resolve sudo for users when using LDAP - fixed upstream</issue>
  <issue id="2017-1000367" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>kstreitova</packager>
  <description>
This update for sudo fixes the following issues:

CVE-2017-1000367:
- Due to incorrect assumptions in /proc/[pid]/stat parsing,
  a local attacker can pretend that his tty is any file on the filesystem,
  thus gaining arbitrary file write access on SELinux-enabled systems. [bsc#1039361]
- Fix FQDN for hostname. [bsc#1024145]
- Filter netgroups, they aren't handled by SSSD. [bsc#1015351]
- Fix problems related to "krb5_ccname" option [bsc#981124]
</description>
  <summary>Security update for sudo</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places